Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
File:                     326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa (raw, json)
Hash identifier:          bw9Ao7cWqFDq/Jh5vizAQqSEwdoB9VsPUcxJTrpJX2w=
Subject key identifier:   79:0F:06:4A:43:B8:2C:EE:0A:9E:00:39:DD:3C:6D:98:54:CC:58:C4
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       6E0DEA6F778F4EA6CDB22259EB1A68DE18108311
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
Signing time:             Wed 19 Jun 2024 14:01:18 +0000
ROA not before:           Wed 19 Jun 2024 13:56:18 +0000
ROA not after:            Wed 18 Jun 2025 14:01:18 +0000
asID:                     208421
IP address blocks:        2a11:29c0:3df6::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:0d:ea:6f:77:8f:4e:a6:cd:b2:22:59:eb:1a:68:de:18:10:83:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:18 2024 GMT
            Not After : Jun 18 14:01:18 2025 GMT
        Subject: CN=790F064A43B82CEE0A9E0039DD3C6D9854CC58C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:38:e3:9d:7e:3e:98:2f:ee:56:5f:64:4c:d4:
                    e9:c0:2e:af:a9:92:46:0a:1e:19:d4:d6:a3:00:e2:
                    13:79:42:6d:1e:13:3c:c8:d3:b1:ce:b1:54:9d:e0:
                    77:f3:5a:a5:d2:18:a3:dd:2b:13:14:e7:9e:76:e2:
                    5f:cb:1e:f3:f9:49:0b:a6:c2:46:cb:51:89:be:c1:
                    5e:50:3a:1b:18:26:02:fe:23:57:14:f2:78:af:32:
                    5e:34:bb:35:d5:3d:b7:df:4b:f6:05:64:fb:f2:4f:
                    d1:e8:fb:40:bf:fc:87:8c:5c:3a:7d:1b:2d:53:d9:
                    fb:b4:ea:a3:5a:57:2f:5f:e9:0b:a6:37:da:cc:0c:
                    fe:61:d0:c4:65:e6:d5:c2:8b:e2:64:c8:f4:2f:0b:
                    c1:27:83:f1:e8:a8:a7:50:37:01:7a:52:5d:fe:c3:
                    23:1c:b5:70:0f:29:4f:6c:f8:ff:b7:9d:9a:c1:c0:
                    85:3b:f6:9b:d0:49:72:de:e8:93:76:28:69:7d:93:
                    89:4b:fe:ce:e2:d4:cd:e4:9b:59:f8:dc:56:6e:1a:
                    2b:46:03:bc:b3:d9:0c:e8:61:ab:5f:ab:91:bd:3d:
                    94:09:44:6d:e6:85:aa:04:2e:1d:59:43:42:81:fd:
                    04:6b:ec:78:ef:0e:8e:e8:1d:18:3c:dc:5b:d5:6c:
                    c5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0F:06:4A:43:B8:2C:EE:0A:9E:00:39:DD:3C:6D:98:54:CC:58:C4
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3df6::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:a5:87:a2:f9:01:f2:94:e4:8a:1f:29:9c:45:b3:e6:08:09:
         5d:d7:d1:68:36:9d:3e:3a:f7:9d:df:22:39:2f:b0:11:19:81:
         2e:63:6b:0c:96:38:f5:62:29:4d:b2:b4:9a:1a:e8:e5:f4:d2:
         3b:14:c2:03:0a:76:bc:91:30:34:1a:21:f0:52:02:1d:1f:ca:
         50:44:f8:78:da:44:85:7a:0b:7f:b8:00:19:99:12:07:a6:ba:
         06:b9:f5:9e:74:a5:0c:fa:32:dd:20:b7:19:20:cf:24:66:43:
         7e:05:d7:2e:ad:56:f8:bd:b4:be:8d:a3:0c:d7:6b:fd:49:80:
         1f:50:3d:65:11:8d:6c:62:59:62:ff:57:7f:f7:d4:78:07:03:
         54:36:fd:04:8b:c7:e7:74:62:fb:9a:94:c3:06:d5:88:cd:dc:
         bb:f7:35:a0:0d:ff:bd:ab:28:8d:8f:37:fd:c4:66:4b:88:cc:
         38:85:d1:59:48:74:fc:aa:e1:45:86:d9:9c:a0:5b:c0:1c:17:
         66:12:ee:e4:50:46:bc:36:3a:8d:ae:c1:dc:5e:62:02:0d:19:
         2b:7a:4b:8f:c7:7b:8d:93:af:64:a0:e4:4f:a0:29:1e:b1:5c:
         bc:f8:93:00:2e:7a:e8:6c:d7:21:dc:b0:74:b5:07:98:eb:47:
         d0:23:98:b8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUbg3qb3ePTqbNsiJZ6xpo3hgQgxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKDc5MEYwNjRBNDNCODJDRUUwQTlFMDAzOUREM0M2RDk4NTRDQzU4QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOOOdfj6YL+5WX2RM1OnALq+p
kkYKHhnU1qMA4hN5Qm0eEzzI07HOsVSd4HfzWqXSGKPdKxMU55524l/LHvP5SQum
wkbLUYm+wV5QOhsYJgL+I1cU8nivMl40uzXVPbffS/YFZPvyT9Ho+0C//IeMXDp9
Gy1T2fu06qNaVy9f6QumN9rMDP5h0MRl5tXCi+JkyPQvC8Eng/HoqKdQNwF6Ul3+
wyMctXAPKU9s+P+3nZrBwIU79pvQSXLe6JN2KGl9k4lL/s7i1M3km1n43FZuGitG
A7yz2QzoYatfq5G9PZQJRG3mhaoELh1ZQ0KB/QRr7HjvDo7oHRg83FvVbMVtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUeQ8GSkO4LO4KngA53TxtmFTMWMQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzIzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99jANBgkqhkiG9w0BAQsFAAOCAQEAY6WHovkB8pTkih8p
nEWz5ggJXdfRaDadPjr3nd8iOS+wERmBLmNrDJY49WIpTbK0mhro5fTSOxTCAwp2
vJEwNBoh8FICHR/KUET4eNpEhXoLf7gAGZkSB6a6Brn1nnSlDPoy3SC3GSDPJGZD
fgXXLq1W+L20vo2jDNdr/UmAH1A9ZRGNbGJZYv9Xf/fUeAcDVDb9BIvH53Ri+5qU
wwbViM3cu/c1oA3/vasojY83/cRmS4jMOIXRWUh0/KrhRYbZnKBbwBwXZhLu5FBG
vDY6ja7B3F5iAg0ZK3pLj8d7jZOvZKDkT6ApHrFcvPiTAC566GzXIdywdLUHmOtH
0COYuA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:25:27 2024 by rpki-client on console-ams.rpki-client.org